Secure Application Development Quiz

Email:
What is the attack technique used to exploit web sites by altering backend database queries through inputting manipulated queries?
SQL Injection
Cross Site Scripting
Insecure Direct Object Reference
OS command injection
What happens when an application takes user-inputted data and sends it to a web browser without proper validation and escaping?
Broken Authentication and Session Management
Security Misconfiguration
Cross Site Scripting
Malware Uploading
Which attack can execute scripts in the user's browser and is capable of hijacking user sessions, defacing websites, or redirecting the user to malicious sites?
SQL Injection
Cross Site Scripting
Cross Site Request Forgery
Insecure Direct Object References
What threat are you vulnerable to if you do not validate authorization of user for direct references to restricted resources?
Insecure Direct Object References
command injection
Cross Site Request Forgery
SQL Injection
In which of the following exploits does an attacker insert malicious code into a link that appears to be from a trustworthy source?
IDOR
SQLI
XSS
CSRF
Input validation should be based on....
Blacklisting
Whitelisting
Taking control of Admin functionality and misusing sensitive data that they are unauthorized to access is:
Broken Access Control
Cross Site Scripting
SQL Injection
Xml Enternal Entities Injection
User A and User B belong to same access level in an application, However User A is able to view credit card information of User B. This is classic example of
Horizontal Privilege Escalation
Vertical Privilege Escalation
Cross site scripting
Both a and b
XSS stands for _________________
Cross Site Scripting
Cross Site Server
Crack Site Scripting
Crack server scripting
In which of the following exploits does an attacker add SQL code to an application input form to gain access to resources or make changes to data?
SQL Injection
command injection
Cross Site Scripting
XML Injection
0
{"name":"Secure Application Development Quiz", "url":"https://www.quiz-maker.com/QJVUDN8M9","txt":"Email:, What is the attack technique used to exploit web sites by altering backend database queries through inputting manipulated queries?, What happens when an application takes user-inputted data and sends it to a web browser without proper validation and escaping?","img":"https://www.quiz-maker.com/3012/images/ogquiz.png"}
Powered by
Quiz Maker
Powered by: Quiz Maker